Allow init to read apex-info-list.xml init should use subcontext (vendor_init) for actions/services from /{vendor, odm} partitions. However, when configs are from vendor APEXes, init can't tell whether the APEXes are from /{vendor, odm} just by looking at the config file paths. Instead, init can look up /apex/apex-info-list.xml for APEXes preinstalled paths to tell APEXes' original partition. Bug: 232021354 Test: atest CtsBluetoothTestCases (Cuttlefish has BT HAL APEX in /vendor) Change-Id: I8cb5d9eb3970790499ef1eb1ee00851591a42e98

commit: 61079e06f24e3ee8d753406ef662a8743828e29e [log] [tgz]
author: Jooyung Han <jooyung@google.com> Tue May 10 05:33:50 2022 +0900
committer: Jooyung Han <jooyung@google.com> Tue May 10 10:35:56 2022 +0900
tree: 425658cb92ded0a273e35d27c6ea9da3b420749c
parent: b10cffe76819906d8d158764de7f384956c20cad [diff]
diff --git a/public/init.te b/public/init.te
index d7b89f1..99e2c26 100644
--- a/public/init.te
+++ b/public/init.te

@@ -252,6 +252,10 @@
 
 allow init tracefs_type:file { create_file_perms relabelfrom };
 
+# Allow init to read /apex/apex-info-list.xml for preinstalled paths of APEXes to determine
+# subcontext for action/service defined in APEXes.
+allow init apex_info_file:file r_file_perms;
+
 allow init {
   file_type
   -app_data_file
commit	61079e06f24e3ee8d753406ef662a8743828e29e	[log] [tgz]
author	Jooyung Han <jooyung@google.com>	Tue May 10 05:33:50 2022 +0900
committer	Jooyung Han <jooyung@google.com>	Tue May 10 10:35:56 2022 +0900
tree	425658cb92ded0a273e35d27c6ea9da3b420749c
parent	b10cffe76819906d8d158764de7f384956c20cad [diff]